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DETAILED ACTION 
Response to Arguments 

1 . The rejections of claims 1 9, 22, 25 under 35 USC § 1 01 have been overcome by 
Applicant's amendment. Accordingly, the rejections of the instant claims are withdrawn. 

2. Applicant's amendment of the claims has necessitated the new grounds of 
rejection provided herein. Applicant's arguments are mute in view of the new grounds of 
rejection. 



Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1, 3, 4, 6-11, 13, 14, 16-19, 21, 22, 24, 25 are rejected under 35 U.S.C. 
103(a) as being unpatentable over McGarvey (US 2003/0028773 A1) in view of 
publication "Cryptography and Data Security" Chapter 24.4 published by Denning in 
June 1982 (hereinafter Denning). 

5. Referring to the instant claims McGarvey discloses methods, systems and 
computer program products for secure delegation using public key authentication (see 
title). McGarvey teaches a middle-tier server which impersonates a client to a plurality 
of servers. A common nonce associated with each of the plurality of servers is obtained 
and the common nonce to the client. The common nonce signed by the client is 
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received at the middle-tier server and provided as a signature for transactions from the 
client to the plurality of servers so as to authenticate the client to the plurality of servers 
(see abstract and Fig. 1A). 

6. Referring to the independent claims 1 , 14, 17, 19, 25, the limitation "accepting a 
request for data from a client computer" is met by pre-nonce request (Fig. 1 A). The 
limitation "transmitting from a central computer a partial response to the client computer, 
wherein the partial response comprises at leas a nonce value..." is met by sending a 
nonce from the server 14 to client 10 (Fig. 1A). The limitation "the nonce value is 
digitally signed by the central computer and is used to authorize a limited number of 
accesses " is met by signed nonce (see Fig 1A and abstract). The signed nonce is 
sent form the remote computer to the middle-tier server, which meets the limitation of 
the instant claims, because client sends the signed nonce to receive a data from the 
server. The server 14 in Fig. 1 acts as a client and the remote computer (10) meets the 
server recited in the instant claims. Referring to the limited number of accesses, 
McGarvey teaches that the nonce contains a random number, which has an expiration 
period (see Fig. 7 block 730) 

However, McGarvey, does not teach the direct access to data on remote computer 
without using the central computer. Referring to the instant claims, Denning provides a 
description of Kerberos system (see pages 3-5 and Fig. on page 3). Denning explicitly 
shows that the client accesses the data form the server without using the central 
computer after receiving the encrypted Kerberos ticket (i.e. nonce). 
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Therefore, at the time the invention was made, it would have been obvious to one of 
ordinary skill in the art to modify the system of McGarvey using the signed nonces for 
accessing the data by the remote computer through the middle-tier server by adding the 
direct access functionality as taught in Denning. One of ordinary skill in the art would 
have been motivated to modify the system of McGarvey using the signed nonces for 
accessing the data by the remote computer through the middle-tier server by adding the 
direct access functionality as taught in Denning for authenticating the client to the data 
server (see page 5, "requesting a service") 

7. Referring to the independent claims 4, 9, 22, the limitation "request contains a 
nonce value which has been digitally signed with a digital signature" is met by a 
common nonce signed by the client (se abstract and Fig. 1A). The limitation "verifying 
the nonce value, wherein the step of verifying the nonce value comprises the step of 
verifying the digital signature" is met by Fig. 7 depicting verification of the common 
nonce signature (block 71 0). The limitation "returning the data item if the nonce value 
is valid" is met by sending the data form servers 20-24 to the client (see Fig. 1A). 

8. Referring to the independent claim 1 1 , the limitation "a request message 
receiver for accepting a request for data from a client computer" is met by nonce 
processing unit 360 (in Fig. 3). The limitation "a partial response transmitter for 
transmitting a partial response to the client computer" is met by unit 356 (in Fig. 3). 

9. Referring to claims 7 and 8, McGarvey teaches that nonce values are shared 
between client and the server, nonce being a common nonce. McGarvey also teaches 
storing the nonce values (see Fig. 3, block 364). 
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10. Referring to claims 3, 6, 13, 16, 21 and 24, McGarvey teaches that the nonce 
contains a random number, which has an expiration period (see Fig. 7, block 730). 

1 1 . Referring to claims 1 0, 1 8 and 26, McGarvey teaches that data and application 
programs are store in the memory. Therefore, McGarvey inherently teaches that 
requests are made for data item and computing services. 

Claim Rejections - 35 USC § 103 

12. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

13. Claims 2, 5, 12, 15, 20, 23 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McGarvey (US 2003/0028773 A1) in view of Denning and further in 
view of Lincoln (U.S. Patent No. 6.820.201 B1). 

1 4. Referring to the instant claims McGarvey discloses methods, systems and 
computer program products for secure delegation using public key authentication (see 
title). McGarvey teaches a middle-tier server which impersonates a client to a plurality 
of servers. A common nonce associated with each of the plurality of servers is obtained 
and the common nonce to the client. The common nonce signed by the client is 
received at the middle-tier server and provided as a signature for transactions from the 
client to the plurality of servers so as to authenticate the client to the plurality of servers 
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(see abstract and Fig. 1A). Denning provides a description of Kerberos system (see 
pages 3-5 and Fig. on page 3). Denning explicitly shows that the client accesses the 
data form the server without using the central computer after receiving the encrypted 
Kerberos ticket (i.e. nonce). McGarvey and Denning, however, do not explicitly teach 
charging an entity upon use of the nonce. 

15. Referring to the instant claims, Lincoln discloses a system using information- 
based indicia for securing and authenticating transactions (see abstract and Fig. 3a, b). 
The system of Lincoln includes one or more computers configured to receive as input a 
nonce number from the user's nonce stamp; to encrypt the nonce number; and to 
provide to the user a digital certificate including the encrypted nonce number, such that 
the nonce stamp and the digital certificate may collectively be presented as an 
information-based indicium to authenticate the desired transaction (see column 3, lines 
1 8-27). In some applications the computers may not be configured to charge the user 
prior to providing the digital certificate, and instead the user may be charged (such as 
through a banking system) after the certificate/nonce stamp pair is negotiated (see 
column 3, lines 18-27). Therefore, at the time the invention was made it would have 
been obvious to one of ordinary skill in the art to modify the system of McGarvey and 
Denning, which uses the common nonces transmitted between the client and the 
server, by charging the client upon use of the nonce value as taught in Lincoln. One of 
ordinary skill in the art would have been motivated to modify the system of McGarvey 
and Denning, which uses the common nonces transmitted between the client and the 
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server, by charging the client upon use of the nonce value as taught in Lincoln for 
charging the use per each transaction (see Lincoln, column 3, lines 1 8-27). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Grigory Gurshman whose telephone number is 
(571 )272-3803. The examiner can normally be reached on 9 AM-5:30 PM. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571)272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Grigory Gurshman 
Examiner 
Art Unit 21 32 
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PRIMARY EXAMINER 




